It's using the Browser exploit which has been out in the wild for quite some time now, although the capability to dump drive keys sounds good and smells of an incoming ODDE from a mile. I guess we'll see.